0.7.3
9 years ago
3 years ago
Known vulnerabilities in the simple-markdown package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
simple-markdown is a markdown-like parser designed for simplicity and extensibility. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to certain patterns which will exhibit increased complexity, therefore leading to increased parsing duration. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade | <0.6.1 |
simple-markdown is a markdown-like parser designed for simplicity and extensibility. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) such that spaces will be parsed as part of the How to fix Regular Expression Denial of Service (ReDoS)? Upgrade | <0.5.2 |
simple-markdown is a markdown-like parser designed for simplicity and extensibility. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). Parsing of complex quadratic documents with may cause a slowdown of PoC
How to fix Regular Expression Denial of Service (ReDoS)? Upgrade | <0.6.1 |
simple-markdown is a markdown-like parser designed for simplicity and extensibility. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via inline code blocks. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade | <0.5.2 |
simple-markdown is a markdown-like parser designed for simplicity and extensibility. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the data of a vbscript link when base64 encoded. POC
How to fix Cross-site Scripting (XSS)? Upgrade | <0.4.4 |